<?php
global $AppUI, $m, $tab;

$uid = $AppUI->user_id;
// Check permission
// TODO: Check permission role
// Check edit
$perms =& $AppUI->acl();
$canAccess = $perms->checkModuleItem($m, 'access');
$canEdit = $perms->checkModuleItem($m, 'delete');
// check permission list quotations
if(!$canAccess){
	$AppUI->redirect(PUBLIC_PAGE);
}

require_once($AppUI->getModuleClass('companies'));
require_once($AppUI->getModuleClass('suppliers'));
require_once($AppUI->getMasterDataClass('mdcurrency'));

require_once($AppUI->getMasterDataClass('mdtype'));
require_once($AppUI->getMasterDataClass('mdstatus'));

$types = dPgetSysVal( 'CompanyType' );
$page_limit = intval( dPgetParam( $_POST, 'page_limit', 10000));
$company_status = intval( dPgetParam( $_POST, 'company_status', 0 ) );
$company_type2 = intval( dPgetParam( $_POST, 'company_type2', 0 ) );
$company_name = dPgetParam( $_POST, 'company_name', '' );
$company_code = dPgetParam( $_POST, 'company_code', '' );
$company_exact_code = dPgetParam( $_POST, 'company_exact_code', '' );
$keyword = dPgetParam( $_POST, 'keyword', '' );
$company_ledge1 = dPgetParam( $_POST, 'company_ledge1', '' );
$company_ledge2 = dPgetParam( $_POST, 'company_ledge2', '' );
$page_offset = intval( dPgetParam( $_GET, 'page_offset', 0 ) );
$tab = intval( dPgetParam( $_GET, 'tab', 0 ) );
//$flagResult = 0;

$where = " 1=1";

if ($company_status != 0) {/*$flagResult = -1;*/ $where .= " AND company_status = $company_status";}
if ($company_type2 != "") {/*$flagResult = -1;*/$where .= " AND company_type2 = $company_type2";}
if ($company_ledge1 != "") {/*$flagResult = -1;*/$where .= " AND company_ledge1 LIKE '%$company_ledge1%'";}
if ($company_ledge2 != "") {/*$flagResult = -1;*/$where .= " AND company_ledge2 LIKE '%$company_ledge2%'";}
if ($company_name != "") {/*$flagResult = -1;*/$where .= " AND company_name LIKE '%$company_name%'";}
if ($company_code != "") {/*$flagResult = -1;*/$where .= " AND company_code LIKE '%$company_code%'";}
if ($company_exact_code != "") {/*$flagResult = -1;*/$where .= " AND company_exact_code LIKE '%$company_exact_code%'";}
if ($keyword != "") {/*$flagResult = -1;*/$where .= " AND (company_code LIKE '%$keyword%' OR company_name LIKE '%$keyword%')";}

// Load Object Status
$objMD = new CMdStatus();
$statList = $objMD->getStatusList('Customer');
$statList = arrayMerge(array('0'=>''), $statList);

$objMD = new CMdType();
$typeList = $objMD->getTypeList('Customer');
$typeList = arrayMerge(array('' => ''), $typeList);
global $m;
//echo $where;

//if ($flagResult < 0){
	// paging

	$q  = new DBQuery;
	$q->addTable('companies', 'c');
	//$q->addQuery('company_id, company_code, company_name, company_status, company_type, company_ledge1, company_ledge2, s.status_name, t.name as type_name');
	//$q->addQuery('company_id, company_code,company_exact_code, company_name, company_address1, company_phone1, company_fax, company_vat_code, div_name');
	$q->addQuery('c.*, d.*');
	$q->addJoin('md_status', 's', 's.status_id = c.company_status');
	$q->addJoin('md_type', 't', 't.type_id = c.company_type2');
	$q->addJoin('divisions', 'd', 'd.div_id = c.company_division');
	$q->addWhere($where);
	$qTotal = $q->prepare();
//	echo $qTotal;
	$q->setLimit($limit,$offset);
	$objResult = $q->loadList();

	$none = true;
	$totalRows = 0;
	$qTotal = str_ireplace('select *', 'select count(*) as total_rows', $qTotal);
	$tmp = db_loadList($qTotal);
	$totalRows = $tmp[0]['total_rows'];

	header('Content-Type: text/xml');

	$xml = new XmlWriter();
	$xml->openMemory();
	$xml->startDocument('1.0', 'UTF-8');
	
	$xml->startElement('root');
	
	obj2xml($xml, 'companies', 'company', $objResult);
	
	$xml->endElement();
	
	echo $xml->outputMemory(true);	
?>
